Skip to main content

A Django app to private security.txt details

Project description

https://securitytxt.org/ A proposed standard which allows websites to define security policies. https://tools.ietf.org/html/draft-foudil-securitytxt-10#section-3.5.3

based on: https://adamj.eu/tech/2020/06/28/how-to-add-a-well-known-url-to-your-django-site/

Quick start

  1. Add “polls” to your INSTALLED_APPS setting like this:

    INSTALLED_APPS = [
        ...
        'wellknown_security',
    ]
  2. Include the polls URLconf in your project urls.py like this:

    from django.conf.urls import include
    ...
    path('.well-known/', include('wellknown_security.urls')),
  3. Add at least the contact info (either value is fine, can be multiple or just a single one) to settings.py

    Contact:

    WELLKNOWN_SECURITY_CONTACT = (
      'mailto:security@example.com',
      'mailto:security%2Buri%2Bencoded@example.com',
      'tel:+1-201-555-0123',
      'https://example.com/security-contact.html'
    )

    other values can be added as well, e.g

    Encryption:

    WELLKNOWN_SECURITY_ENCRYPTION = (
      'https://example.com/pgp-key.txt',
      'dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY',
      'openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f'
    )
  4. Start the development server and visit http://127.0.0.1:8000/.well-known/security.txt to check the results

    Output:

    Contact: mailto:security@example.com
    Contact: mailto:security%2Buri%2Bencoded@example.com
    Contact: tel:+1-201-555-0123
    Contact: https://example.com/security-contact.html
    
    Encryption: https://example.com/pgp-key.txt
    Encryption: dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY
    Encryption: openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-wellknown-security-0.16.tar.gz (6.0 kB view details)

Uploaded Source

File details

Details for the file django-wellknown-security-0.16.tar.gz.

File metadata

  • Download URL: django-wellknown-security-0.16.tar.gz
  • Upload date:
  • Size: 6.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/44.0.0 requests-toolbelt/0.9.1 tqdm/4.49.0 CPython/3.8.2

File hashes

Hashes for django-wellknown-security-0.16.tar.gz
Algorithm Hash digest
SHA256 f36d116b0a176dd347b2c71ec97842452995d8c79715c40bdbaf60d3b871cbd0
MD5 4be5c8650d4957a6d135701551414e47
BLAKE2b-256 b28b9db182fa55e7f52a200822ff9d1172dc941bc39b943948fcc1bee0fc42e5

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page